firefoxPackages: tor-browser: init at 6.5.2

This commit is contained in:
SLNOS 2017-04-01 00:00:00 +00:00 committed by Michael Raskin
parent 2f35ab5960
commit 00a0b8a574
3 changed files with 100 additions and 12 deletions

View file

@ -1,5 +1,6 @@
{ pname, version, updateScript ? null
, src, patches ? [], meta }:
, src, patches ? [], overrides ? {}, meta
, isTorBrowserLike ? false }:
{ lib, stdenv, pkgconfig, pango, perl, python, zip, libIDL
, libjpeg, zlib, dbus, dbus_glib, bzip2, xorg
@ -22,12 +23,13 @@
## privacy-related options
, privacySupport ? false
, privacySupport ? isTorBrowserLike
# WARNING: NEVER set any of the options below to `true` by default.
# Set to `privacySupport` or `false`.
, webrtcSupport ? !privacySupport
, loopSupport ? !privacySupport || !isTorBrowserLike
, geolocationSupport ? !privacySupport
, googleAPISupport ? geolocationSupport
, crashreporterSupport ? false
@ -37,21 +39,22 @@
## other
# If you want the resulting program to call itself "Firefox" instead
# of "Nightly" or whatever, enable this option. However, those
# binaries may not be distributed without permission from the
# Mozilla Foundation, see
# If you want the resulting program to call itself
# "Firefox"/"Torbrowser" instead of "Nightly" or whatever, enable this
# option. However, in Firefox's case, those binaries may not be
# distributed without permission from the Mozilla Foundation, see
# http://www.mozilla.org/foundation/trademarks/.
, enableOfficialBranding ? false
}:
assert stdenv.cc ? libc && stdenv.cc.libc != null;
assert !isTorBrowserLike -> loopSupport; # can't be disabled on firefox :(
let
flag = tf: x: [(if tf then "--enable-${x}" else "--disable-${x}")];
in
stdenv.mkDerivation rec {
stdenv.mkDerivation (rec {
name = "${pname}-unwrapped-${version}";
inherit src patches meta;
@ -60,12 +63,14 @@ stdenv.mkDerivation rec {
gtk2 perl zip libIDL libjpeg zlib bzip2
dbus dbus_glib pango freetype fontconfig xorg.libXi
xorg.libX11 xorg.libXrender xorg.libXft xorg.libXt file
nss nspr libnotify xorg.pixman yasm mesa
nspr libnotify xorg.pixman yasm mesa
xorg.libXScrnSaver xorg.scrnsaverproto
xorg.libXext xorg.xextproto sqlite unzip makeWrapper
hunspell libevent libstartup_notification libvpx /* cairo */
icu libpng jemalloc
]
++ lib.optionals (!isTorBrowserLike) [ nss ]
++ lib.optional alsaSupport alsaLib
++ lib.optional pulseaudioSupport libpulseaudio # only headers are needed
++ lib.optionals ffmpegSupport [ gstreamer gst-plugins-base ]
@ -98,8 +103,6 @@ stdenv.mkDerivation rec {
"--with-system-jpeg"
"--with-system-zlib"
"--with-system-bz2"
"--with-system-nspr"
"--with-system-nss"
"--with-system-libevent"
"--with-system-libvpx"
"--with-system-png" # needs APNG support
@ -119,11 +122,33 @@ stdenv.mkDerivation rec {
"--disable-gconf"
"--enable-default-toolkit=cairo-gtk${if gtk3Support then "3" else "2"}"
]
# TorBrowser patches these
++ lib.optionals (!isTorBrowserLike) [
"--with-system-nss"
"--with-system-nspr"
]
# and wants these
++ lib.optionals isTorBrowserLike [
"--with-tor-browser-version=${version}"
"--enable-signmar"
"--enable-verify-mar"
# We opt out of TorBrowser's nspr because that patch is useless on
# anything but Windows and produces zero fingerprinting
# possibilities on other platforms.
# Lets save some space instead.
"--with-system-nspr"
]
++ flag alsaSupport "alsa"
++ flag pulseaudioSupport "pulseaudio"
++ flag ffmpegSupport "ffmpeg"
++ lib.optional (!ffmpegSupport) "--disable-gstreamer"
++ flag webrtcSupport "webrtc"
++ lib.optionals isTorBrowserLike
(flag loopSupport "loop")
++ flag geolocationSupport "mozril-geoloc"
++ lib.optional googleAPISupport "--with-google-api-keyfile=ga"
++ flag crashreporterSupport "crashreporter"
@ -171,8 +196,10 @@ stdenv.mkDerivation rec {
browserName = "firefox";
inherit version updateScript;
isFirefox3Like = true;
inherit isTorBrowserLike;
gtk = gtk2;
inherit nspr;
inherit ffmpegSupport;
};
}
} // overrides)

View file

@ -1,4 +1,4 @@
{ lib, callPackage, fetchurl }:
{ lib, callPackage, fetchurl, fetchFromGitHub }:
let common = opts: callPackage (import ./common.nix opts); in
@ -40,4 +40,64 @@ rec {
};
} {};
tor-browser = common rec {
pname = "tor-browser";
version = "6.5.2";
isTorBrowserLike = true;
# FIXME: fetchFromGitHub is not ideal, unpacked source is >900Mb
src = fetchFromGitHub {
owner = "SLNOS";
repo = "tor-browser";
rev = "tor-browser-45.8.0esr-6.5-2";
sha256 = "0vbcp1qlxjlph0dqibylsyvb8iah3lnzdxc56hllpvbn51vrp39j";
};
overrides = {
unpackPhase = ''
# fetchFromGitHub produces ro sources, root dir gets a name that
# is too long for shebangs. fixing
cp -a $src .
mv *-src tor-browser
chmod -R +w tor-browser
cd tor-browser
# set times for xpi archives
find . -exec touch -d'2010-01-01 00:00' {} \;
'';
};
meta = {
description = "A web browser built from TorBrowser source tree";
longDescription = ''
This is a version of TorBrowser with bundle-related patches
reverted.
I.e. it's a variant of Firefox with less fingerprinting and
some isolation features you can't get with any extensions.
Or, alternatively, a variant of TorBrowser that works like any
other UNIX program and doesn't expect you to run it from a
bundle.
It will use your default Firefox profile if you're not careful
even! Be careful!
It will clash with firefox binary if you install both. But its
not a problem since you should run browsers in separate
users/VMs anyway.
Create new profile by starting it as
$ firefox -ProfileManager
and then configure it to use your tor instance.
'';
homepage = https://www.torproject.org/projects/torbrowser.html;
platforms = lib.platforms.linux;
};
} {
ffmpegSupport = false;
};
}

View file

@ -13787,6 +13787,7 @@ with pkgs;
firefox-unwrapped = firefoxPackages.firefox;
firefox-esr-unwrapped = firefoxPackages.firefox-esr;
tor-browser-unwrapped = firefoxPackages.tor-browser;
firefox = wrapFirefox firefox-unwrapped { };
firefox-esr = wrapFirefox firefox-esr-unwrapped { };